SECURITY ADVISORY: The following program may screw a large Internet search
engine and make the Web a safer place.

LUBBOCK, TX, February 20th -- Today CULT OF THE DEAD COW (cDc), the world's
most attractive hacker group, announced the release of Goolag Scanner, a web
auditing tool. Goolag Scanner enables everyone to audit his or her own web
site via Google. The scanner technology is based on "Google hacking," a form
of vulnerability research developed by Johnny I Hack Stuff. He's a lovely
fellow. Go buy him a drink.

"It's no big secret that the Web is the platform," said cDc spokesmodel
Oxblood Ruffin. "And this platform pretty much sucks from a security
perspective. Goolag Scanner provides one more tool for web site owners to
patch up their online properties. We've seen some pretty scary holes through
random tests with the scanner in North America, Europe, and the Middle East.
If I were a government, a large corporation, or anyone with a large web site,
I'd be downloading this beast and aiming it at my site yesterday. The
vulnerabilities are that serious."

Goolag Scanner will be released open source under the GNU Affero General
Public license. It is dedicated to the memory of Wau Holland, founder of the
Chaos Computer Club, and a true champion of privacy rights and social justice.

GOOLAG SCANNER FUNCTIONS AND FEATURES

Goolag Scanner is a standalone windows GUI based application. It uses one
xml-based configuration file for its settings. All dorks coming with the
distribution of gS are kept inside one file.

About CULT OF THE DEAD COW
Based in Lubbock, Texas, CULT OF THE DEAD COW (cDc) is the most influential
computer underground group in the world. The cDc alumni list reads like a
Who's Who of hacking and includes a former Presidential advisor on Internet
security, among others. The group is further distinguished by publishing the
longest running e-zine on the Internet [est. 1984], stretching the limits of
the First Amendment, and fighting anyone or any government that aspires to
limit free speech. For more information, please visit www.cultdeadcow.com

I held a speech at the 23rd Chaos Communication Congress on the 28th of December. I wanted to move the people in the audience to use their technological skills to enact positive change in the world. You can find a recording of the talk here.

A lot of people from the audience enlisted themselves as a volunteer. If YOU want to help us, you can send me a message at mib-at-hacktivismo-dot-com. We are especially looking for programmers, translators, QA testers, graphical artists and INFOSEC experts. If you are working on an interesting project related to freedom of information and human rights, please let us know as well.

Hacktivismo Releases Torpark (posted by jtesta on September 19th, 2006)

Torpark keeps Web surfers’ identities private, can run off a USB stick, and scrubs tracks from host computers and browsers.

New York, NY (PRWEB) September 19, 2006 — Hacktivismo, an international group of computer security experts and human rights workers, just released Torpark, an anonymous, fully portable Web browser based on Mozilla Firefox. Torpark comes pre-configured, requires no installation, can run off a USB memory stick, and leaves no tracks behind in the browser or computer. Torpark is a highly modified variant of Portable Firefox, that uses the TOR (The Onion Router) network to anonymize the connection between the user and the website that is being visited.

“We live in a time where acquisition technologies are cherry picking and collating every aspect of our online lives,” said Hacktivismo founder Oxblood Ruffin. “Torpark continues Hacktivismo’s commitment to expanding privacy rights on the Internet. And the best thing is, it’s free. No one should have to pay for basic human rights, especially the right of privacy.”

Torpark is being released under the GNU General Public License and is dedicated to the Panchen Lama*.

HOW TORPARK WORKS
When a user logs onto the Internet, a unique IP address is assigned to manage the computer’s identity. Each website the user visits can see and log the user’s IP address. Hostile governments and data thieves can easily monitor this interaction to correlate activity and pinpoint a user’s identity.

Torpark causes the IP address seen by the website to change every few minutes to frustrate eavesdropping and mask the requesting source. For example, a user could be surfing the Internet from a home computer in Ghana, and it might appear to websites that the user was coming from a university computer in Germany or any other country with servers in the TOR network.

It is important to note that the data passing from the user’s computer into the TOR network is encrypted. Therefore, the user’s Internet Service Provider (ISP) cannot see the information that is passing through the Torpark browser, such as the websites visited, or posts the user might have made to a forum. The ISP can only see an encrypted connection to the TOR network.

However, users must understand that there are limitations to the anonymity. Torpark anonymizes the user’s connection but not the data. Data traveling between the client and the TOR network is encrypted, but the data between the TOR network and websites is unencrypted. Therefore, the user should not use his/her username or password on websites that do not offer a secure login and session (noted by a golden padlock at the bottom of the Torpark browser screen).

ABOUT HACKTIVISMOhttp://www.hacktivismo.com
Hacktivismo is a group of international hackers, human rights workers, artists and others who seek to further the goals of human rights through technology. They operate under the aegis of the CULT OF THE DEAD COW (cDc). Hacktivismo is committed to developing technologies in support of the highest standards of human rights.

ABOUT THE CULT OF THE DEAD COWhttp://en.wikipedia.org/wiki/CDc_communications
The CULT OF THE DEAD COW (cDc) is the most influential hacking group in the world. The cDc alumni reads like a Who’s Who of hacking and includes a former U.S. presidential advisor on Internet security, among others. The group is further distinguished by publishing the longest running e-zine on the Internet [est. 1984, stretching the limits of the First Amendment, and fighting anyone or any government that aspires to limit free speech.

* ABOUT THE PANCHEN LAMAhttp://www.savetibet.org/news/positionpapers/panchenlama.php
The Panchen Lama is often referred to as the world’s youngest political prisoner. In May 1995, agents of the Chinese government kidnapped the six-year-old Panchen Lama and his parents. They have not been seen or heard from since, despite repeated calls from the United Nations and international human rights organizations. Chinese officials claim that the Panchen Lama is being held in “protective custody”. Six months after the abduction, China installed its handpicked version of the Panchen Lama. The boy is forced to act as a mouthpiece for Chinese policy in Tibet, and is referred to as “the fake” by Tibetans.

The Hacktivismo team is thrilled to welcome diskrez to our midsts. For those of you who follow the ins and outs of the Ninja Strike Force religiously, he needs no introduction. Those that have been living under a digital rock for the past century will get to know the man soon enough by his actions.

NEW YORK, NY (PRWEB) July 21, 2006 – Hacktivismo, an international group of hackers, human rights workers, lawyers, and computer security experts announces the release of ScatterChat (http://www.scatterchat.com/), a free, open source application designed to facilitate secure and private real-time communication over the Internet.

ScatterChat is unique in that it is intended for non-technical human rights activists and political dissidents operating behind oppressive national firewalls. It is an instant messaging client that provides end-to-end encryption over the Electronic Frontier Foundation-endorsed Tor network. Its security features include resiliency against partial compromise through perfect forward secrecy, immunity from replay attacks, and limited resistance to traffic analysis, all reinforced through a pro-actively secure design.

According to lead developer J. Salvatore Testa II, “The anonymity and encryption that ScatterChat provides ensures that both the identities and messages of activists remain a mystery, even to well-funded totalitarian governments.”

Hacktivismo will be announcing the release of ScatterChat at the HOPE conference taking place July 21-23, at the Hotel Pennsylvania in New York, NY.

ABOUT HACKTIVISMO

Hacktivismo, a subdivision of CULT OF THE DEAD COW (cDc), has been combating information rights abuses for more than a decade. Its Goolag campaign brought great visibility to the issue of Internet censorship in China. Hacktivismo assumes as an ethical point of departure the principles enshrined in the Universal Declaration on Human Rights and the International Convention on Civil and Political Rights.

ABOUT CULT OF THE DEAD COW

Founded in Lubbock, TX, CULT OF THE DEAD COW (cDc) is the most influential hacking group in the world. The cDc alumni reads like a Who’s Who of hacking and includes a former Presidential advisor on Internet security, among others. The group is further distinguished by publishing the longest running e-zine on the Internet [est. 1984], stretching the limits of the First Amendment, and fighting anyone or any government that aspires to limit free speech.

Our very own Oxblood Ruffin engineered the Goolag campaign in response to Google’s new alliance with the Chinese government’s oppressive tactics. Also Oxblood’s doing is an interesting reaction to the hearings U.S. Congress is having regarding Microsoft, Yahoo!, and Cisco’s cooperation as well.